Electronic payments may be performed in a variety of ways. A payment terminal may process payment transactions, and may interact with payment devices such as a payment card having a magnetic strip that is swiped in a magnetic reader of the payment terminal, a payment device having a Europay/Mastercard/Visa (EMV) chip that is inserted into corresponding EMV slot of the payment terminal, and near field communication (NFC) enabled devices such as a smartphone or EMV card that is tapped at the payment terminal and transmits payment information over a secure wireless connection. The payment terminal may receive payment information from the payment device as well information about a transaction, and may communicate this information to a payment system for processing of the transaction.
As a result of its central role in the transaction processing system, the payment terminal is a prime target for third party attackers attempting to access payment information, process fraudulent transactions, and otherwise engage in fraudulent activities or theft. In many cases, the attackers attempt to physically access components of the payment terminal, such as one or more communication lines carrying data or a processor that communicates and processes payment information. Attackers may attempt to eavesdrop on signals (e.g., a passive attack) or to modify or spoof payment processing communications (e.g., an active attack) by injecting malicious signals into the payment terminal.
In an effort to thwart physical attacks, payment terminals may implement tamper detection devices such tamper meshes and tamper switches to identify tamper attempts. For example, if an attacker attempts to remove the cover of the payment terminal, a tamper switch may open. A tamper mesh may include a pattern of conductive traces that effectively encloses sensitive components such as the processor or other circuitry of the payment terminal. If an attacker attempts to access the sensitive components (e.g., by drilling a small hole into the payment terminal), one or more conductive traces may be broken or damaged, resulting in a change in the electrical state of the tamper mesh (e.g., by opening a circuit, closing a circuit, modifying an electrical signal's amplitude or phase, etc.). Circuitry of the payment terminal can sense the change in the electrical state of the tamper mesh to determine that a tamper attempt may have occurred and take corrective action (e.g., shut off the payment terminal) to avoid a loss of payment information. However, as attackers become more sophisticated, measures such as tamper switches or tamper meshes may be bypassed.